Cybersecurity Basics and Threats MCQ for Professionals
Enhance your knowledge of cybersecurity basics and common threats with our MCQ Test. Test your skills on security protocols, malware and cyberattack prevention.
📌 Important Exam Instructions
✅ This is a free online test. Do not pay anyone claiming otherwise.
📋 Total Questions: 30
⏳ Time Limit: 30 minutes
📝 Marking Scheme: +1 for each correct answer. No negative marking.
⚠️ Avoid page refresh or closing the browser tab to prevent loss of test data.
🔍 Carefully read all questions before submitting your answers.
🎯 Best of Luck! Stay focused and do your best. 🚀
Time Left (min): 00:00
1. What is the primary goal of cybersecurity?
To ensure that systems and data are protected from unauthorized access and attacks
To make systems faster and more efficient
To improve the performance of websites
To protect only sensitive financial data
2. Which of the following is an example of a social engineering attack?
Phishing
Man-in-the-middle attack
Denial-of-Service (DoS) attack
SQL injection
3. What does the term "malware" refer to?
Software designed to protect against cyberattacks
Software used for data backup
Malicious software intended to cause harm or unauthorized access
Software used for network optimization
4. Which of the following is a common type of malware that encrypts files and demands payment for decryption?
Trojan horse
Worm
Ransomware
Spyware
5. What does the term "phishing" refer to in cybersecurity?
A technique used to track online activities
A form of attack where fraudulent emails or websites deceive users into providing sensitive information
A type of virus that replicates itself
An encrypted communication method used for secure transactions
6. Which of the following is an example of a brute-force attack?
Guessing passwords through automated software until the correct one is found
Exploiting a vulnerability in a website
Using social engineering to gather personal information
Intercepting network traffic to steal data
7. What is a firewall primarily used for?
To enhance the user interface of a website
To protect a computer network by controlling incoming and outgoing traffic
To make websites load faster
To clean up viruses from infected files
8. Which of the following best describes a Denial-of-Service (DoS) attack?
A threat to steal financial information
An attempt to make a service unavailable by overwhelming it with excessive traffic
A method of exploiting system vulnerabilities
A technique for bypassing authentication mechanisms
9. What is the purpose of encryption in cybersecurity?
To prevent unauthorized access to data by transforming it into unreadable content
To speed up the transmission of sensitive data
To prevent users from accessing certain files
To improve the aesthetic appeal of data
10. Which of the following is a vulnerability in a system that can be exploited by attackers?
Patch
Software bug or flaw
Encryption key
Secure password
11. What is the purpose of a VPN (Virtual Private Network)?
To increase the speed of internet browsing
To allow secure communication over a public network by encrypting data
To block access to specific websites
To improve Wi-Fi signal strength
12. Which of the following is an example of a passive cybersecurity defense?
Encryption
Firewall
Intrusion detection system (IDS)
Security awareness training
13. What does the term "data breach" refer to?
The practice of backing up data to external storage
Unauthorized access or disclosure of sensitive data
The act of hacking into a system without leaving traces
A type of encrypted communication
14. Which of the following is a common method of securing communication on the internet?
Using a VPN to encrypt traffic
Installing anti-virus software
Disabling firewalls
Using weak passwords
15. What is "cross-site scripting" (XSS)?
An attack that injects malicious scripts into web pages viewed by users
A method for bypassing authentication systems
An attack to steal sensitive data from databases
A denial-of-service attack
16. Which of the following is a feature of an effective incident response plan?
Regular updates to address new threats
Ignoring low-level threats
Relying solely on external support
Focusing on prevention only
17. What is the purpose of a "zero-day" exploit?
To exploit vulnerabilities in a system before the vendor has released a patch
To encrypt sensitive files
To block access to websites
To prevent unauthorized users from accessing a network
18. Which of the following types of malware attempts to exploit a security flaw in a program to execute arbitrary code?
Worm
Trojan horse
Buffer overflow
Rootkit
19. What does the term "social engineering" refer to in cybersecurity?
Using technical skills to hack systems
Manipulating individuals into divulging confidential information or performing actions that compromise security
Using firewalls to block attacks
Testing the security of a network
20. What does an "IDS" (Intrusion Detection System) do?
Prevents unauthorized access to a network
Detects potential security breaches or attacks in real-time
Manages network traffic
Encrypts sensitive data
21. What does the acronym "APT" stand for in cybersecurity?
Advanced Persistent Threat
Advanced Protected Technique
Automated Phishing Tool
Authorized Penetration Test
22. Which of the following is NOT a good practice for safeguarding sensitive data?
Using encryption to protect data in transit and at rest
Regularly updating security patches
Storing passwords in plain text
Restricting access to sensitive data based on roles
23. What is the function of an "antivirus" program?
To prevent hackers from accessing your device
To detect and remove malicious software
To optimize the performance of a computer
To block unauthorized network traffic
24. Which of the following is considered an insider threat?
An attacker who gains unauthorized access from outside the organization
A system glitch that causes a security breach
An employee who intentionally or unintentionally compromises security
A malicious script targeting a website
25. What does a "Man-in-the-Middle" (MitM) attack involve?
Intercepting communication between two parties to alter or steal information
Injecting malicious code into a website to steal data
Overloading a network with traffic to cause a denial of service
Phishing for login credentials through email
26. What does the term "patch management" refer to in cybersecurity?
The process of updating software to fix vulnerabilities and improve security
The practice of using firewalls to block incoming traffic
Monitoring networks for any signs of unauthorized access
Encrypting sensitive data during transmission
27. Which of the following is an example of a physical security measure in cybersecurity?
Using multi-factor authentication
Installing biometric authentication systems
Using encryption to protect stored data
Implementing access control lists (ACLs)
28. Which of the following describes a "backdoor" in cybersecurity?
A hidden method of bypassing normal authentication to access a system
A vulnerability that is intentionally left open by the software vendor
A technique used to encrypt data for safe transmission
A tool used for managing firewalls
29. What is the purpose of a "honeypot" in cybersecurity?
To monitor network traffic for suspicious activity by simulating a vulnerable system
To encrypt sensitive data in storage
To limit access to specific users only
To block spam and phishing attempts
30. What is the main function of a "sandbox" in cybersecurity testing?
To provide a controlled environment for running and analyzing potentially malicious code